Turning the Human Firewall on

Securing change in employee behaviour, to ensure compliance with organisational policy and to reduce risk to an organisation, relies on employees making a discretionary effort with a positive security outcome. How can security leaders secure not just employee awareness but most importantly positive security behaviours to support embedding security into corporate culture?
Moderator:
Adrian Davis, MD (ISC)2 EMEA
Speakers:
Bruce Hallas, Founder, Analogies Project
Lee Barney, Head of Information Security, Home Retail Group

The security industry is witnessing a rapid evolution in attack techniques - including advanced polymorphic malware and file-less attacks. In fact, according to the 2016 Verizon Data Breach Report, the majority of breaches (53%) involve no malware.

Clearly, traditional antivirus (AV) solutions no longer stop advanced attacks. Modern attackers can easily get their hands on the static and highly predictable prevention models used by legacy AV vendors, which means they can reliably bypass them. Unfortunately, many emerging “next-gen” vendors are using approaches that fall victim to the same fundamental flaw.

In this webinar with guest speaker Chris Sherman, Senior Analyst at Forrester Research, we will discuss the latest trends in endpoint security, including results from The Forrester Wave™: Endpoint Security Suites, Q4 2016. Carbon Black's Paul Morville will talk about how to stop these pervasive attack techniques.

Topics Covered On the Webinar:
•Forrester analysis on new security threats and the need for a next-generation of endpoint security
•Forrester Endpoint Security Wave Report results
•How next-gen antivirus makes it harder for attackers to achieve their objectives

With the large possibility amount of personal data availably, Data protection impact assessments are crucial to identify, understand and address any privacy issues that might arise when developing new products and services or undertaking any other new activities that involve the processing of personal data.

The objective of this webinar is to provide a pragmatic approach to such type of assessments in the context of the GDPR and IoT.

Two themes emerge from 451 Research's recent study of the organizational dynamics of enterprise information security teams: that security teams are understaffed and potentially incorrectly positioned in organizations. Join us to review the the study's results based on more than 930 online surveys and 20 live interviews with enterprise security leaders.

Are you an (ISC)² member with questions about your certification and member benefits, or want to keep in touch with (ISC)² news in EMEA? Are you thinking about joining, and curious to hear more about what membership means and how (ISC)² can help you?

Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
- CPE opportunities, member benefits and getting involved
- Updates on (ISC)² news, developments and changes in your region
- Your membership requirements summarized
- Who are the (ISC)² EMEA team and how we can help you
- Focus discussions
- Q&A session

Threat hunting is evolving. Many organizations still carry out threat hunting in an adhoc manner without a defined and repeatable process. Yet some organizations are now looking at new machine learning driven approaches to accelerate their maturity and success. This session will review the current approaches to threat hunting and explain how Splunk can support & accelerate your threat hunting maturity.

The new GDPR regulations are going to change how enterprises behave, and it's not just a matter for IT departments. So how do you get boards to listen? How do you make marketing care? How do you get finance's attention? Who else needs to know?
Six months after the publication of the GDPR and 20 months before it is implemented, what has been learnt and how can you take advantage of other people’s experience?
The team will talk and address these and other questions – less a seminar and more a round table discussion; come along with your questions ready for the team.

Join Nigel Hawthorn, Anthony Lee and Adrian Davis for a look at GDPR and leave with some answers to your questions.

The new EU regulation of the Privacy world (the GDPR) is rapidly approaching. This webinar will reveal a back to basics approach in relation to GDPR. Specifically, Jason Hart - Gemalto CTO will identify a GDPR blueprint that tackles the privacy concerns around confidentiality, integrity and availability of sensitive data.

Are you an (ISC)² member with questions about your certification? Would you like to hear more about member benefits and how (ISC)² can help you? Join the Guide to your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
•CPE opportunities, member benefits and getting involved
•Your membership requirements summarized
•Who are the (ISC)² EMEA team and how we can help you
•Focus discussions
•Q&A session

Security threats continue to grow in sophistication and volume. With the emergence of the cognitive era, IBM Security is revolutionising the way security analysts work using Watson for Cyber Security as a trusted advisor leveraging threat research and gaining powerful insights from a plethora of structured and unstructured data.
Join this webinar to hear how Cognitive Security will be a game changer in the industry, enabling better human decision-making and reducing the cost and complexity of dealing with cybercrime.

In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path he took to become CISOs and how they are reinventing the role in the face of accelerating industry change.

Dr Gareth Owenson is the course leader for the Forensic Computing programme at the University of Portsmouth. He teaches extensively in forensics, cryptography and malware analysis. His research expertise is in darknets, where he is presenting working on alternative approaches that may lead to novel applications of the blockchain. Gareth also has a strong interest in Memory Forensics, and undertakes work into application-agnostic extraction of evidence by using program analysis.

Gareth has a PhD in Computer Science (2007) and has taught at several Universities throughout the UK.

Phishing and Spear Phishing attacks are the number one starting point for most large data breaches. However, no traditional security technology is currently able to mitigate the risks associated with these type of threats. Join this webinar to learn why phishing attacks are so successful, what capabilities organizations need to carry out a forensic investigation and what questions you need to be able to answer following an attack to respond effectively.

There is no such thing as a "secure" system - we do our level best to design them as well as we can, to put controls and measures in place - but, at the end of the day, things can and do go awry. Today we are going to talk about Forensics, and how it is the opposite side of the coin from security. What can we do in advance to aid in forensic investigation? What do we do at the point of a compromise to allow us to preserve as much evidence as is possible? And, ultimately, how to we take a forensic analysis and learn from it to create a better system the next time?

During the first half of 2016, encryption ransomware grew to become the most common type of malware used through soft-targeting and massively distributed attacks. Encryption ransomware now accounts for 50% of all malware delivery configurations, meaning that it is no longer considered simply a means for making a quick profit, but a permanent fixture on the threat landscape. Daily email-based attacks require an unattainable perfect response – every time. However, teams are constantly working within constraints and breaches continue to occur in record number. Technology has been introduced to help but has failed time and time again.
Join PhishMe’s Brendan Griffin and Will Galway to hear why it’s not all doom and gloom. In this session, you’ll learn about:

The new EU regulation of the Privacy world (the GDPR) is frequently portrayed as a scary and formidable piece of legislation that’s going to rock the online & off-line world. This webinar will explore what the implications really are. How much will change from the present regime? How difficult will it be to comply? Also is there an opportunity hidden in the challenge? And where will security and security professionals fit in the new picture?

What can Space Invaders teach us about attack path analysis? Mario about defending your users that are the weakest link? Even Pac Man about focusing on the right goals? Join Gavin Millard, EMEA Technical Director, who will explore the lessons to be learned from the games many of us played years ago that are still valid in the reduction of security risks within all of our infrastructures. Key takeaways from the webinar include:

How to game the system to get a high score in security.
How to gain insight into the attack path used by hackers to gain access to your data.
What cheats can be used to reduce the risk of data loss.

The “(ISC)² EMEA reacts” are ad-hoc webinars scheduled in reaction to major Information security events and breaches. Here we bring together leading Industry experts to join Adrian Davis, Managing Director, (ISC)2 EMEA to explore the impact, potential responses, and implications for the future, offering professionals much-needed perspective as the dust settles.

Privilege is at the centre of the attack lifecycle, yet removing Windows users’ local administration rights has a negative impact on the user experience and creates a desktop support headache.

Join this webinar to learn how least privilege, combined with the right application control technologies, can enable you to remove local administrator rights to reduce your attack surface, while keeping your users and support teams happy. The session will cover the technologies required to achieve this and demonstrate how their unique combination can protect you from ransomware.

In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path he took to become CISOs and how they are reinventing the role in the face of accelerating industry change.

After years of talking about it, companies are finally ready to begin the process of replacing traditional antivirus software. Next-generation antivirus vendors claim to protect endpoints from modern threats like PowerShell attacks and obfuscated malware with much higher effectiveness. But what exactly makes an antivirus product “next-generation”?

This webcast led by John D Wood, Carbon Black Defense Regional Manager, will dive into the technology behind next-generation antivirus so that IT and security teams can cut through the noise and properly evaluate the next wave of solutions.

Forming part of the (ISC)² commitment to Inspiring a Safe and Secure Cyber World, we welcome you to the (ISC)² EMEA Secure Webinars Channel. Sign up to join us for educational Security Briefings, ThinkTank Round Tables and eSymposiums aimed at all those vested in the world of information security. We welcome members and non members alike.